Re: [Fed-Talk] RE: FOSE 2005
Re: [Fed-Talk] RE: FOSE 2005
- Subject: Re: [Fed-Talk] RE: FOSE 2005
- From: Kit Plummer <email@hidden>
- Date: Tue, 12 Apr 2005 08:04:44 -0700
Shawn,
You've missed my point. It is not a technical issue. I am
completely aware of the CC stuff. However, there are very, very few
people on the other side of the fence that are. It is a red-tape
problem. DSS, in my world, is not prepared to handle anything other
than Windows and maybe Solaris. So, seeking approval for anything
else is, in most cases futile. Indeed, the process for getting
approval is so twisted we rarely get past internal security personnel.
Kit
On Apr 12, 2005, at 7:53 AM, Shawn Geddis wrote:
Full auditing has been included in Mac OS X 10.3.6 / OS X Server
since 10.3.6 when applying the Common Criteria Tools (final audit
pieces). This auditing will provide what you need to meet NISPOM
(Chapter 8) Auditing requirements for DSS approval. Several
facilities have already done this.
For more information on the Common Criteria Certification as well
as the auditing:
Common Criteria Introduction:
http://www.apple.com/support/security/commoncriteria/
-Shawn
___________________________________________
Shawn Geddis
Security Consulting Engineer
Apple Computer - US Federal Government
On Apr 12, 2005, at 10:28 AM, Kit Plummer wrote:
Paul,
DSS = Defense Security Service (http://www.dss.mil)
By "classify" I mean utilizing OS X in a "classified" area. In my
case, a closed lab. Certification means nothing. DSS
authorization means everything.
Having said that, there is a benefit of the certification. It
means that there is a glimmer of hope that we will be able to
account for everyone one of DSS's auditing requirements. For
every system in a classified environment we must go through the
"certification" process. Really, it is quite foolish - but, at
some point there must be accountability.
You'd think that after the first "clearance" it would be smooth
sailing. Not true. Bureaucrats need there empires I guess.
Kit
On Apr 11, 2005, at 7:20 PM, Paul D Yu wrote:
Kit
What are DSS issues? and What do you mean classify OS X systems?
OS X 10.3 went through some certification already right?
Paul
On Apr 11, 2005, at 5:37 PM, Kit Plummer wrote:
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden